Robert Rockstroh
Cranebrook,NSW
Summary
Experienced Cyber Security Incident Response Lead with 15+ years in ICT, specialising in incident response, infrastructure and security optimization. Strong technical acumen, leadership, and strategic planning skills. Adept at solving complex problems, mentoring teams, and driving innovative solutions with automation, workflows, and strategic planning.
Overview
19
19
years of professional experience
Work History
Cyber Security Incident Detection & Response Lead
Tyro Payments
03.2024 - Current
- Audit Preparation
- Monthly Metrics
- Staff managerial activities & enablement
- Monitor SIEM dashboards & analyse cyber threats across endpoint, server, and cloud
- Conduct Cyber Threat Intelligence (CTI) and hunting using OSINT & closed-source feeds.
- Develop playbooks & oversee use case development.
- Collaborate with industry counterparts.
- Leadership & Mentoring
Cyber Incident Responder & Threat Intel Manager
Qantas
01.2020 - 03.2024
- Monitor SIEM dashboards & analyse cyber threats across endpoint, server, and cloud.
- Conduct Cyber Threat Intelligence (CTI) and hunting using OSINT & closed-source feeds
- Develop playbooks & oversee use case development.
Senior CSIRT Consultant
Verizon
06.2019 - 12.2019
- Provided high-level CSIRT consultancy for enterprise clients.
- Implemented continuous improvement strategies for security operations.
- Mentored junior staff & advised on attack vector.
CSIRT Analyst
Commonwealth Bank
11.2016 - 06.2019
- Company Overview: (10+ years with CBA)
- Conducted SIEM investigations & tuned detection rules
- Performed forensic memory & disk analysis for malware investigations.
- Developed & optimized automated threat detection use cases
- Engaged in high-priority incident response with business stakeholders.
- (10+ years with CBA)
Cyber Security Centre Analyst
Commonwealth Bank of Australia
12.2015 - 11.2016
- Triaged security alerts & escalated incidents to response teams
- Investigated IDS alerts & phishing attempts.
- Managed vendor relationships & security tool maintenance
Security Analyst
Commonwealth Bank of Australia
12.2010 - 12.2015
- Managed web proxy & email security governance
- Conducted log analysis for security improvements.
- Led security change management initiatives.
Service Desk Analyst
Commonwealth Bank of Australia
09.2008 - 12.2010
- Provided Level 1 & 2 technical support for internal business units.
- Managed multiple incident queues & met strict KPIs.
Service Desk Analyst
Telstra Bigpond
01.2007 - 09.2008
- Provided technical support for internet connectivity issues.
- Trained & mentored new employees.
Education
GED -
TAFE NSW
NSW12-1999
Skills
- Cybersecurity incident response
- Digital forensics
- Cyber threat intelligence
- SIEM solutions (Splunk, Exabeam)
- Threat hunting
- Endpoint detection and response
- Network security
- Firewall management
- Intrusion detection systems
- Intrusion prevention systems
- Proxy configuration
- Email security protocols
- MITRE ATT&CK framework application
- Use case development
- Stakeholder management strategies
- AI tools (ChatGPT, Gemini, Co-pilot)
Certifications And Education
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- ITIL V3 Certified
- Bluecoat Certified Proxy Administrator (BCCPA)
- SANS Security Essentials Bootcamp (SEC401)
- Studying: GIAC Cloud Threat Detection (GCTD)
Projects & Leadership
**Phishing Investigation Automation**
Designed and deployed logic to automate phishing triage using Proofpoint TAP/TRAP results and ChatGPT. Built logic to assess inbox dwell time and detect whether malicious emails had been contained before user interaction. Dramatically reduced manual investigation time and improved MTTR.
**Vulnerability Management Enrichment App**
Built a Python-based app using ChatGPT to assess CVE exploitability and applicability based on CVSS data, environment context, and threat landscape. Improved patch prioritization for security and infrastructure teams.
**AI-Powered CVE Analysis**
Developed a second Python tool to query OpenAI and summarize CVEs with contextual relevance to internal assets. Enabled the team to understand obscure vulnerabilities and prioritize patching with confidence.
**Business Support via Power Automate**
Created a Microsoft Power Automate workflow to manage gift register submissions, freeing up compliance staff from manual processes. Demonstrated proactive support of business functions outside cyber remit as part of Lean In objectives.
**Leadership in Agile & Collaboration Tools**
Regularly use Jira and Confluence to document security playbooks, manage sprints, and drive continuous improvement. Established transparent and efficient collaboration processes with stakeholders across IT and business units.
Timeline
Cyber Security Incident Detection & Response Lead
Tyro Payments
03.2024 - Current
Cyber Incident Responder & Threat Intel Manager
Qantas
01.2020 - 03.2024
Senior CSIRT Consultant
Verizon
06.2019 - 12.2019
CSIRT Analyst
Commonwealth Bank
11.2016 - 06.2019
Cyber Security Centre Analyst
Commonwealth Bank of Australia
12.2015 - 11.2016
Security Analyst
Commonwealth Bank of Australia
12.2010 - 12.2015
Service Desk Analyst
Commonwealth Bank of Australia
09.2008 - 12.2010
Service Desk Analyst
Telstra Bigpond
01.2007 - 09.2008
GED -
TAFE NSW
Similar Profiles
Cameron ShieldsCameron Shields
Customer Service Specialist at Tyro PaymentsCustomer Service Specialist at Tyro Payments
Min DongMin Dong
Technical Lead at Tyro PaymentsTechnical Lead at Tyro Payments
Lekha ManjrekarLekha Manjrekar
Fraud Officer at Tyro Payments LtdFraud Officer at Tyro Payments Ltd
Bradley WardBradley Ward
Personal Trainer at demon athletesPersonal Trainer at demon athletes
Samuel BullussSamuel Bulluss
Kitchen Hand at BunkerKitchen Hand at Bunker